def _process_l3_update(self, context, net_data, req_data, allow_all=True):
new_value = req_data.get(extnet_apidef.EXTERNAL)
net_id = net_data['id']
if not validators.is_attr_set(new_value):
return
if net_data.get(extnet_apidef.EXTERNAL) == new_value:
return
if new_value:
net_obj.ExternalNetwork(context, network_id=net_id).create()
net_data[extnet_apidef.EXTERNAL] = True
if allow_all:
context.session.add(
rbac_db.NetworkRBAC(object_id=net_id,
action='access_as_external',
target_tenant='*',
tenant_id=net_data['tenant_id']))
else:
# must make sure we do not have any external gateway ports
# (and thus, possible floating IPs) on this network before
# allow it to be update to external=False
if context.session.query(models_v2.Port.id).filter_by(
device_owner=constants.DEVICE_OWNER_ROUTER_GW,
network_id=net_data['id']).first():
raise extnet_exc.ExternalNetworkInUse(net_id=net_id)
net_obj.ExternalNetwork.delete_objects(context, network_id=net_id)
for rbdb in (context.session.query(rbac_db.NetworkRBAC).filter_by(
object_id=net_id, action='access_as_external')):
context.session.delete(rbdb)
net_data[extnet_apidef.EXTERNAL] = False
def _process_l3_create(self, context, net_data, req_data):
external = req_data.get(external_net.EXTERNAL)
external_set = attributes.is_attr_set(external)
if not external_set:
return
# TODO(armax): these notifications should switch to *_COMMIT
# when the event becomes available, as this block is expected
# to be called within a plugin's session
if external:
try:
registry.notify(resources.EXTERNAL_NETWORK,
events.BEFORE_CREATE,
self,
context=context,
request=req_data,
network=net_data)
except c_exc.CallbackFailure as e:
# raise the underlying exception
raise e.errors[0].error
context.session.add(ExternalNetwork(network_id=net_data['id']))
context.session.add(
rbac_db.NetworkRBAC(object_id=net_data['id'],
action='access_as_external',
target_tenant='*',
tenant_id=net_data['tenant_id']))
registry.notify(resources.EXTERNAL_NETWORK,
events.AFTER_CREATE,
self,
context=context,
request=req_data,
network=net_data)
net_data[external_net.EXTERNAL] = external
def update_network(self, context, id, network):
n = network['network']
with context.session.begin(subtransactions=True):
network = self._get_network(context, id)
# validate 'shared' parameter
if 'shared' in n:
entry = None
for item in network.rbac_entries:
if (item.action == 'access_as_shared'
and item.target_tenant == '*'):
entry = item
break
setattr(network, 'shared', True if entry else False)
self._validate_shared_update(context, id, network, n)
update_shared = n.pop('shared')
if update_shared and not entry:
entry = rbac_db.NetworkRBAC(network=network,
action='access_as_shared',
target_tenant='*',
tenant_id=network['tenant_id'])
context.session.add(entry)
elif not update_shared and entry:
context.session.delete(entry)
context.session.expire(network, ['rbac_entries'])
network.update(n)
return self._make_network_dict(network, context=context)
def create_network(self, context, network):
"""Handle creation of a single network."""
# single request processing
n = network['network']
# NOTE(jkoelker) Get the tenant_id outside of the session to avoid
# unneeded db action if the operation raises
tenant_id = self._get_tenant_id_for_create(context, n)
with context.session.begin(subtransactions=True):
args = {
'tenant_id': tenant_id,
'id': n.get('id') or uuidutils.generate_uuid(),
'name': n['name'],
'admin_state_up': n['admin_state_up'],
'mtu': n.get('mtu', constants.DEFAULT_NETWORK_MTU),
'status': n.get('status', constants.NET_STATUS_ACTIVE)
}
# TODO(pritesh): Move vlan_transparent to the extension module.
# vlan_transparent here is only added if the vlantransparent
# extension is enabled.
if ('vlan_transparent' in n and
n['vlan_transparent'] != attributes.ATTR_NOT_SPECIFIED):
args['vlan_transparent'] = n['vlan_transparent']
network = models_v2.Network(**args)
if n['shared']:
entry = rbac_db.NetworkRBAC(network=network,
action='access_as_shared',
target_tenant='*',
tenant_id=network['tenant_id'])
context.session.add(entry)
context.session.add(network)
return self._make_network_dict(network,
process_extensions=False,
context=context)
def _process_l3_create(self, context, net_data, req_data):
external = req_data.get(external_net.EXTERNAL)
external_set = validators.is_attr_set(external)
if not external_set:
return
if external:
context.session.add(
ext_net_models.ExternalNetwork(network_id=net_data['id']))
context.session.add(
rbac_db.NetworkRBAC(object_id=net_data['id'],
action='access_as_external',
target_tenant='*',
tenant_id=net_data['tenant_id']))
try:
registry.notify(resources.EXTERNAL_NETWORK,
events.PRECOMMIT_CREATE,
self,
context=context,
request=req_data,
network=net_data)
except c_exc.CallbackFailure as e:
# raise the underlying exception
raise e.errors[0].error
net_data[external_net.EXTERNAL] = external
def _process_l3_create(self, context, net_data, req_data):
external = req_data.get(extnet_apidef.EXTERNAL)
external_set = validators.is_attr_set(external)
if not external_set:
return
if external:
net_obj.ExternalNetwork(
context, network_id=net_data['id']).create()
context.session.add(rbac_db.NetworkRBAC(
object_id=net_data['id'], action='access_as_external',
target_tenant='*', tenant_id=net_data['tenant_id']))
net_data[extnet_apidef.EXTERNAL] = external
def _process_l3_update(self, context, net_data, req_data, allow_all=True):
try:
registry.notify(resources.EXTERNAL_NETWORK,
events.BEFORE_UPDATE,
self,
context=context,
request=req_data,
network=net_data)
except c_exc.CallbackFailure as e:
# raise the underlying exception
raise e.errors[0].error
new_value = req_data.get(external_net.EXTERNAL)
net_id = net_data['id']
if not validators.is_attr_set(new_value):
return
if net_data.get(external_net.EXTERNAL) == new_value:
return
if new_value:
context.session.add(
ext_net_models.ExternalNetwork(network_id=net_id))
net_data[external_net.EXTERNAL] = True
if allow_all:
context.session.add(
rbac_db.NetworkRBAC(object_id=net_id,
action='access_as_external',
target_tenant='*',
tenant_id=net_data['tenant_id']))
else:
# must make sure we do not have any external gateway ports
# (and thus, possible floating IPs) on this network before
# allow it to be update to external=False
port = context.session.query(
models_v2.Port).filter_by(device_owner=DEVICE_OWNER_ROUTER_GW,
network_id=net_data['id']).first()
if port:
raise external_net.ExternalNetworkInUse(net_id=net_id)
for edb in (context.session.query(
ext_net_models.ExternalNetwork).filter_by(
network_id=net_id)):
context.session.delete(edb)
for rbdb in (context.session.query(rbac_db.NetworkRBAC).filter_by(
object_id=net_id, action='access_as_external')):
context.session.delete(rbdb)
net_data[external_net.EXTERNAL] = False
